Hackers broke into the computers of NextGen Healthcare, a U.S.-based provider of electronic health record software, and stole the personal information of over a million patients.
NextGen Healthcare reported that hackers accessed the personal information of 1.05 million patients, including around 4,000 Maine residents, in a notification filed with the office of the attorney general of Maine. NextGen Healthcare informed people whose information was compromised that hackers took names, dates of birth, residences, and Social Security numbers.
“Importantly, our investigation has revealed no evidence of any access or impact to any of your health or medical records or any health or medical data,” the business said. NextGen Healthcare’s representative Tami Andrade declined to tell TechCrunch whether the firm had the capabilities, such as logs, to ascertain what data was exfiltrated.
Nextgen Healthcare data breach
NextGen Healthcare reported to the AG of Maine that it discovered unauthorized access to its systems occurred between March 29 and April 14, 2023 after receiving an alert about suspicious behavior on March 30. According to the alert, the hackers were able to access the cloud-based EHR and practice management application NextGen Office by utilizing customer credentials that “appear to have been stolen from other sources or incidents unrelated to NextGen.”
In a statement to TechCrunch, Andrade explained that after discovering the breach, the company “took steps to investigate and remediate,” including consulting with top cybersecurity professionals and alerting authorities. “On April 28, 2023, we notified the individuals known to be affected by this incident and extended our offer of free fraud detection and identity theft protection to them for 24 months.”
According to sources, the ALPHV ransomware group, also known as BlackCat, attacked NextGen with ransomware in January of this year. Samples of the stolen information, such as employee names, residences, phone numbers, and passport scans, are included in a listing on ALPHV’s dark web leak site, which was viewed by TechCrunch.
The number of patients affected by the massive ransomware assault on clients who utilized Fortra’s GoAnywhere file-transfer software has increased after the announcement of NextGen’s newest breach. Last week, Florida-based IT business NationBenefits revealed that the cyberattack compromised the personal information of more than 3 million members, while the virtual treatment service Brightline said that the personal information of more than 960,000 of its pediatric mental health patients was compromised.